Daily Cybersecurity Roundup, July 02, 2025

Looks like the cookie didn’t just crumble, it got stolen. A newly discovered C4 Bomb attack sidesteps Chrome’s AppBound Cookie Encryption, exposing users to cookie theft and potential data breaches. In another discovery, a FileFix technique circumvents Windows’ Mark of the Web (MoTW), leveraging social engineering to trick users into saving HTML files as .HTA, which then execute malicious JScript. Meanwhile, mobile malware targeting Android surged 151% in 2025, with sharp spikes in spyware (147%) and SMS-based malware (692%), driven by more coordinated and targeted campaigns, according to Malwarebytes. Continue reading for additional cybersecurity insights.

01

Researchers discovered a new cyberattack called C4 Bomb that bypasses Google Chrome’s AppBound Cookie Encryption, exposing users to risks of cookie theft and data breaches.

02

A new FileFix attack has been found that bypasses Windows’ Mark of the Web (MoTW) by exploiting how browsers save HTML files. It tricks users into saving a webpage as a .HTA file, which auto-runs malicious JScript via mshta.exe.

03

U.S. cybersecurity agencies warn of increasing Iranian cyberattacks targeting defense, OT networks, and critical infrastructure by exploiting outdated software, weak passwords, and exposed systems through reconnaissance, password cracking, and spear-phishing.

04

Europol, along with authorities from Spain, the U.S., France, and Estonia, busted a $540 million crypto romance scam that defrauded over 5,000 victims via chats and dating apps, laundering funds through a Hong Kong-based network.

05

As per Malwarebytes' report, mobile malware targeting Android devices has risen by 151% in 2025, with a significant increase in spyware (147%) and SMS-based malware (692%) due to targeted and coordinated attacks.

06

The Chinese-linked Houken group (UNC5174) is exploiting Ivanti Cloud Service Appliance zero-days (CVE-2024-8190, CVE-2024-8963, CVE-2024-9380) to target French organizations. The attacks enable RCE and deploy a new Linux rootkit for persistent access.

07

Google released emergency updates to fix this year’s fourth actively exploited Chrome zero-day vulnerability (CVE-2025-6554). The high-severity type confusion flaw in the Chrome V8 JavaScript engine can lead to arbitrary code execution.

08

A critical vulnerability (CVE-2025-32463) has been discovered in Linux Sudo versions 1.9.14-1.9.17 that allows local unprivileged users to escalate privileges to root by exploiting the chroot (-R) option.

09

Tel Aviv-based cloud security provider Cato Networks secured $359 million in a Series G funding round led by Vitruvian Partners and Ion Crossover Partners, with participation from Lightspeed Venture Partners, Acrew Capital, and Adams Street Partners.

10

A cloud-based, AI-driven MSSP, LevelBlue, is set to acquire Trustwave, a cybersecurity and MDR services provider.
